[unisog] Super-hidden spamming exploits?

Jeff Bollinger jeff01 at email.unc.edu
Thu Sep 25 20:56:42 GMT 2003


Rita Seplowitz Saltz wrote:
> Greetings.
> 
> We've seen a number of student-owned MS Windows machines exploited by 
> spammers, even after the "usual suspects" have been addressed 
> (administrator password, backdoors, remote code, spyware, assorted 
> viruses) and the systems are believed to have been locked down securely.
> 
> Has anyone else seen this kind of thing?  And, if so,  have you any 
> helpful insights to offer?
> 
> Thanks,
> 
> Rita Saltz
> [now] Senior Policy Advisor
> Office of Information Technology (OIT)
> Princeton University
> rita at princeton.edu
> 


Yes!  We have seen several instances of this.  Have a look at this 
analysis from the Full-Disclosure mailing list.  It has some information 
regarding this exploit that we have confirmed (audio.exe, etc.)

http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4747.html

Jeff
-- 
Jeff Bollinger, CISSP
University of North Carolina
IT Security Analyst
105 Abernethy Hall
mailto: jeff @unc dot edu



More information about the unisog mailing list